One of the biggest challenges is finding technical talent that can do testing of applications at the level of depth as Praetorian security engineers are able to provide to us.
What is your name and role at Zoom?
My name is Richard Farley and I’m the Chief Information Security Officer at Zoom. My responsibilities include the security of the Zoom service, as well as the security of Zoom’s corporate IT infrastructure.
What can you tell me about Zoom and its business?
Zoom is a leader in the collaboration space with products used by companies all over the world to do online meetings and desktop sharing—broadcast style communications.
What were the business challenges Zoom faced before working with Praetorian?
With the growth of Zoom and the number of marque customers that trust us with their critical data, we become a bigger target and our customers become a bigger target. So it's critical for us to leverage the best partners to make sure that we identify any security issues and vulnerabilities that might exist in the Zoom platform and address those as quickly as possible.
Why did Zoom choose Praetorian?
Zoom chose Praetorian because we felt like they could hit the ground running and there wasn't a long learning phase required to get familiar with the applications, infrastructure, and source code. Praetorian brought in a team of top notch security engineers.
How did Praetorian help Zoom achieve its goals?
The scope of work we engaged with Praetorian on included threat modeling—identifying the inputs and outputs of the system—to find areas that an attacker might try to exploit to compromise the system. Then determine what the areas of focus should be for the other parts of the engagement, which included security source code review to identify issues at the source code level. And finally, manual and automated penetration testing.
What were the business outcomes for Zoom as a results of working with Praetorian?
The work that Praetorian security engineers did with both Zoom’s software engineering team and my security team was extremely valuable in identifying those issues and getting them addressed very quickly.
What are the major security challenges faced by technology companies like Zoom?
One of the biggest challenges that we face in security today is finding the talent with the necessary skills and experience. Praetorian brings to the table a team of security engineers who have experience across multiple industries. The depth of experience and skills that Praetorian brings to the table is hard to build a house.
What are the benefits of working with Praetorian?
I would recommend Praetorian to any other SaaS company CISO that is looking to get an outside, third-party perspective with top security engineering talent and a structured method to doing these types of engagements.